Annual report concludes that malware increased 172% in 2006

The number of malware detections in 2006 was 172 percent up on 2005.  PandaLabs’ 2006 annual report (registration required) explains this growth and other aspects of the current malware situation.

Massive infections caused by a single virus have practically disappeared. Instead, multiple variants now silently infect computers. “The users have a false sense of security, believing there are no dangerous threats. The truth is, however, that there is now more malware than ever.  PandaLabs detected the same amount of malware last year as in the previous fifteen years combined,” confirms Luis Corrons, Technical Director of PandaLabs.

Hybrid malware was an increasing trend in 2006, and according to PandaLabs, this trend will continue in 2007. One such example is the fusion between worms or Trojans and rootkits. As a result of this, in the future it will be more difficult to distinguish between different malware families.

The report also analyzes how malware evolved in 2006.  Trojans have now become the most popular type of malware. This is largely because they spread silently and are therefore ideal for targeted attacks.

Regarding spyware, or more specifically adware, the report underlines how widely it is now distributed due in part to the fact that these programs conceal themselves as part of other legitimate programs and that users do not consider them dangerous. Adware creators are therefore exploiting the situation and reaping the benefits.

On the subject of bots, the report stresses the changes in the way they are being used. “As firewalls evolve and port monitoring improves, bot herders are having to control their creations using alternative means, such as P2P networks. It is therefore more difficult to detect botnets since they are more diffuse, unlike the current ones which are usually more centralized,” says Luis Corrons.
The use of worms as a means of propagation for other malware is another trend confirmed in 2006.

The motivation of cyber-crooks during 2006 was once again financial. In this sense, the sale of malware online flourished last year. It is now possible on the Internet to buy any number of malicious tools, from kits for creating phishing web pages to vulnerability exploits or services for creating Trojans. This black market is now said to be worth more than the entire anti-malware industry.

What to expect in 2007

According to PandaLabs spam rates will continue to be high this year, since people are still buying what is advertised in the emails.

Social engineering will continue to cause problems.  Luis Corrons explains: “The fact that malware still spreads using false emails related to Valentine’s Day or Christmas, reveals the need for technological solutions capable of detecting malware in the emails received every day.”

The report also describes the innovative and curious attacks that took place in 2006, such as the presence of malware in virtual worlds (SecondLife, World of Warcraft, etc.).  It also covers subjects including the sale of devices infected by malware or social engineering using Christmas-related subjects.